BleepingComputer.com

"Microsoft says April Windows updates break VPN connections."

Views expressed in this cybersecurity, cyber crime update are those of the reporters and correspondents.  Accessed on 01 May 2024, 1436 UTC.

Content and Source:  https://www.bleepingcomputer.com/BleepingComputer.com.

Please scroll down to read your selections.  Thanks for joining us today.

Russ Roberts (https://www.hawaiicybersecurityjournal.net).

LATEST ARTICLES

Microsoft says April Windows updates break VPN connections

  • Microsoft says the April 2024 Windows security updates break VPN connections on Windows 11, Windows 10, and Windows Server systems.

  • Qantas
     
    SECURITY

Qantas app exposed sensitive traveler details to random users

  • Qantas Airways confirms that some of its customers were impacted by a misconfiguration in its app that exposed sensitive information and boarding passes to random users.

  • Router
     
    SECURITY

New Cuttlefish malware infects routers to monitor traffic for credentials

  • A new malware named 'Cuttlefish' has been spotted infecting enterprise-grade and small office/home office (SOHO) routers to monitor data that passes through them and steal authentication information.

  • Protect your data without losing speed with $233 off SurfShark VPN
     
    DEALS

Protect your data without losing speed with $233 off SurfShark VPN

  • A VPN lets you connect anywhere with confidence that snoops and thieves won't be able to tap into your data. This two-year subscription to SurfShark VPN gives you unlimited bandwidth and device connection for $56.99, $233 off the $290 MSRP.

    • BLEEPINGCOMPUTER DEALS
      •  
    • MAY 01, 2024
      •  
    • 07:12 AM
      •  
    • Comment Count 0
  • Malware Phishing
     
    SECURITY

New Latrodectus malware attacks use Microsoft, Cloudflare themes

  • Latrodectus malware is now being distributed in phishing campaigns using Microsoft Azure and Cloudflare lures to appear legitimate while making it harder for email security platforms to detect the emails as malicious.

  • The Philadelphia Inquirer
     
    SECURITY

Philadelphia Inquirer: Data of over 25,000 people stolen in 2023 breach

  • Daily newspaper Philadelphia Inquirer revealed that attackers behind a May 2023 security breach have stolen the personal and financial information of 25,549 individuals.

  • R Language
     
    SECURITY

R language flaw allows code execution via RDS/RDX files

  • A new vulnerability has been discovered in the R programming language that allows arbitrary code execution upon deserializing specially crafted RDS and RDX files.

  • Google
     
    SECURITY

Google now pays up to $450,000 for RCE bugs in some Android apps

  • Google has increased rewards for reporting remote code execution vulnerabilities within select Android apps by ten times, from $30,000 to $300,000, with the maximum reward reaching $450,000 for exceptional quality reports.

  • Cybersecurity Lock World
     
    DEALS

Save over $250 on these cybersecurity training courses

  • Don't miss your chance to get The 2024 Cybersecurity Mastermind Training Bundle on sale for just $39.99 (reg. $300). 

    • BLEEPINGCOMPUTER DEALS
      •  
    • APRIL 30, 2024
      •  
    • 02:11 PM
      •  
    • Comment Count 0
  • Docker
     
    SECURITY

Millions of Docker repos found pushing malware, phishing sites

  • Three large-scale campaigns have targeted Docker Hub users, planting millions of repositories designed to push malware and phishing sites since early 2021.

  • Android
     
    SECURITY, MOBILE

New Wpeeper Android malware hides behind hacked WordPress sites

  • A new Android backdoor malware named 'Wpeeper' has been spotted in at least two unofficial app stores mimicking the Uptodown App Store, a popular third-party app store for Android devices with over 220 million downloads.

  • UnitedHealth Group UGH
     
    SECURITY, HEALTHCARE

Change Healthcare hacked using stolen Citrix account with no MFA

  • UnitedHealth confirms that Change Healthcare's network was breached by the BlackCat ransomware gang, who used stolen credentials to log into the company's Citrix remote access service, which did not have multi-factor authentication enabled.

  • Turn your phone into a scanner with $140 off the SwiftScan VIP app
     
    DEALS

Turn your phone into a scanner with $140 off the SwiftScan VIP app

  • Paper is still everywhere, and turning it into digital materials makes life that much easier. This lifetime subscription to SwiftScan VIP puts a scanner in your pocket for $59.99, $140 off the $199 MSRP.

    • BLEEPINGCOMPUTER DEALS
      •  
    • APRIL 30, 2024
      •  
    • 07:14 AM
      •  
    • Comment Count 0
  • Meerkat
     
    SECURITY

Muddling Meerkat hackers manipulate DNS using China’s Great Firewall

  • A new cluster of activity tracked as "Muddling Meerkat" is believed to be linked to a Chinese state-sponsored threat actor's manipulation of DNS to probe networks globally since October 2019, with a spike in activity observed in September 2023.

  • FCC
     
    TECHNOLOGY

FCC fines carriers $200 million for illegally sharing user location

  • ​The Federal Communications Commission (FCC) has fined the largest U.S. wireless carriers almost $200 million for sharing their customers' real-time location data without their consent.

  • London Drugs Closed
     
    SECURITY

London Drugs pharmacy chain closes stores after cyberattack

  • ​Canadian pharmacy chain London Drugs has closed all its retail stores to contain what it described as a "cybersecurity incident."

  • Heart Romance Scam
     
    SECURITY

FBI warns of fake verification schemes targeting dating app users

  • The FBI is warning of fake verification schemes promoted by fraudsters on online dating platforms that lead to costly recurring subscription charges.

  • Google
     
    SECURITY, GOOGLE, MOBILE

Google rejected 2.28 million risky Android apps from Play store in 2023

  • Google blocked 2.28 million Android apps from being published on Google Play after finding various policy violations that could threaten user's security.

  • Windows
     
    MICROSOFT

Microsoft fixes bug behind incorrect BitLocker encryption errors

  • Microsoft has fixed a known issue causing incorrect BitLocker drive encryption errors in some managed Windows environments.

  • Data Breach
     
    SECURITY

Collection agency FBCS warns data breach impacts 1.9 million people

  • Financial Business and Consumer Solutions (FBCS) is warning 1,955,385 impacted individuals in the United States that the company suffered a data breach after discovering unauthorized access to specific systems in its network.

VIEW MORE

Comments

Post a Comment

Please leave a comment about our recent post.

Popular posts from this blog

The Cyberwire Daily Briefing

Image
"Fortinet confirms breach of customer data." Views expressed in this cybersecurity, cyber crime update are those of the reporters and correspondents.  Accessed on 15 September 2024, 1339 UTC. Content and Source:   https://thecyberwire.com/newsletters/daily-briefing/13/176 Please check link or scroll down to read your selections.  Thanks for joining us today. Russ Roberts (https://www.hawaiicybersecurityjournal.net). V13 | Issue 176 | 9.13.24 Daily Briefing for 09.13.24 Announcement Cloud Security in the Age of Generative AI. Artificial Intelligence is revolutionizing business, but it also introduces new risks. Join us on Wednesday, September 18th at 2pm EDT for a compelling live webinar on "Good vs. Evil: Cloud Security in the Age of Generative AI" with N2K CyberWire’s Dave Bittner and Sysdig’s Loris Degioanni.  Learn more and register now . Summary By the CyberWire staff At a glance. Fortinet confirms breach of customer data. Iran's Scarred Manticore deploys ne
Read more

BleepingComputer.com

Image
"Progress LoadMaster vulnerable to 10/10 severity RCE flaw." Views expressed in this cybersecurity, cyber crime update are those of the reporters and correspondents.  Accessed on 08 September 2024, 1458 UTC. Content and Source:   https://www.bleepingcomputer.com/ Please check link or scroll down to read your selections. Thanks for joining us today. Russ Roberts (https://www.hawaiicybersecurityjournal.net). Latest Articles   Security Progress LoadMaster vulnerable to 10/10 severity RCE flaw Progress Software has issued an emergency fix for a maximum (10/10) severity vulnerability impacting its LoadMaster and LoadMaster Multi-Tenant (MT) Hypervisor products that allows attackers to remotely execute commands on the device. Bill Toulas   September 08, 2024   10:11 AM     0   Deals Get started learning about cybersecurity with this course bundle deal Take a real step towards a job in information security with this intro to cybersecurity. Get the 2024 Cybersecurity Essentials Bundl
Read more

SecurityWeek Briefing

Image
"New RAMBO attack allows air-gapped data theft." Views expressed in this cybersecurity, cyber crime update are those of the reporters and correspondents.  Accessed on 10 September 2024, 0035 UTC. Content and Source:  https://www.securityweek.com Please check link or scroll down to read your selections.  Thanks for joining us today. Russ Roberts (https://www.hawaiicybersecurityjournal.net).   Monday, September 9 , 2024 Are you worried about unmanaged devices and apps? LATEST CYBERSECURITY HEADLINES New RAMBO Attack Allows Air-Gapped Data Theft Predator Spyware Resurfaces With Fresh Infrastructure Google Pushes Rust in Legacy Firmware to Tackle Memory Safety Flaws 300,000 Impacted by Data Breach at Car Rental Firm Avis One Million US Kaspersky Customers Transferred to Pango’s UltraAV Two Indicted in US for Running Dark Web Marketplaces Offering Stolen Information Critical SonicWall Vulnerability Possibly Exploited in Ransomware Attacks CISA Breaks Silence on Controversial ‘Airp
Read more